package cn.cyber.wxfire.config;

import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {
    //创建realm对象，需自定义类      step:1
    @Bean
    public UserRealm userRealm()
    {
        return new UserRealm();
    }

    //DefaultWebSecurityManager 默认web安全管理器   step:2
    @Bean(name="SecurityManager")
    public DefaultWebSecurityManager defaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm)
    {
        DefaultWebSecurityManager securityManager=new DefaultWebSecurityManager();
        //关联UserRealm
        securityManager.setRealm(userRealm);
        return securityManager;
    }

    //ShiroFilterFactoryBean  shiro过滤器工厂bean  step：3
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("SecurityManager") DefaultWebSecurityManager defaultWebSecurityManager)
    {
        ShiroFilterFactoryBean bean=new ShiroFilterFactoryBean();
        //配置安全管理器
        bean.setSecurityManager(defaultWebSecurityManager);
        //添加shiro过滤器
        /*
            anon：        无需认证即可访问
            authc:        认证后才可访问
            user:         必须拥有 记住我 功能才可访问
            perms:        拥有对某个资源的权限才可访问
            role：        拥有某个角色的权限才可访问
         */
        Map<String,String> filterMap=new LinkedHashMap<>();
        filterMap.put("/test/test1","authc");
        filterMap.put("/test/test2","anon");
        bean.setFilterChainDefinitionMap(filterMap);

        //设置登录请求
        bean.setLoginUrl("/test/toLogin");

        return bean;
    }
}
